<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Active Directory Integration</title>
<link rel="stylesheet" type="text/css" href="../C.css">
<script type="text/javascript" src="../jquery.js"></script><script type="text/javascript" src="../jquery.syntax.js"></script><script type="text/javascript" src="../yelp.js"></script>
</head>
<body id="home">
<!--<script src="https://ssl.google-analytics.com/urchin.js" type="text/javascript"></script><script type="text/javascript">
        _uacct = "UA-1018242-8";
        urchinTracker();
      </script><script>
      function englishPageVersion() {
        var href = window.location.href;
        if (href.slice(-1) == "/") {
                window.location = "index.html.en";
        } else {
                window.location = href.replace(/\.html.*/, ".html.en");
        }
         return false;
      }
      function browserPreferredLanguage() {
        var href = window.location.href;
        if (href.slice(-1) == "/") {
                window.location = href;
        } else {
                window.location = href.replace(/\.html.*/, ".html");
        }
        return false;
      }
      </script>--><div id="container">
<div id="container-inner">
<div id="mothership"><ul>
<li><a href="https://partners.ubuntu.com">Partners</a></li>
<li><a href="https://www.ubuntu.com/support/community-support">Support</a></li>
<li><a href="https://community.ubuntu.com">Community</a></li>
<li><a href="https://www.ubuntu.com">Ubuntu.com</a></li>
</ul></div>
<div id="header">
<h1 id="ubuntu-header"><a href="https://help.ubuntu.com/">Ubuntu Documentation</a></h1>
<ul id="main-menu">
<li><a class="main-menu-item current" href="https://help.ubuntu.com/">Official Documentation</a></li>
<li><a href="https://help.ubuntu.com/community/CommunityHelpWiki">Community Help Wiki</a></li>
<li><a href="https://community.ubuntu.com/t/contribute/26">Contribute</a></li>
</ul>
</div>
<div id="menu-search"><div id="search-box">
<noscript><form action="https://www.google.com/cse" id="cse-search-box"><div>
<input type="hidden" name="cx" value="003883529982892832976:e2vwumte3fq"><input type="hidden" name="ie" value="UTF-8"><input type="text" name="q" size="21"><input type="submit" name="sa" value="Search">
</div></form></noscript><!--
<script>
                document.write('<form action="https://help.ubuntu.com/search.html" id="cse-search-box">');
                document.write('  <div>');
                document.write('    <input type="hidden" name="cof" value="FORID:9">');
                document.write('    <input type="hidden" name="cx" value="003883529982892832976:e2vwumte3fq">');
                document.write('    <input type="hidden" name="ie" value="UTF-8">');
                document.write('    <input type="text" name="q" size="21">');
                document.write('    <input type="submit" name="sa" value="Search">');
                document.write('  </div>');
                document.write('</form>');
              </script>-->
</div></div>
<div class="trails"><div class="trail">
<a href="https://help.ubuntu.com/18.04" class="trail">Ubuntu 18.04</a> » <a class="trail" href="../index.html" title="Ubuntu Server Guide">Ubuntu Server Guide</a> » <a class="trail" href="samba.html" title="Samba">Samba</a> » </div></div>
<div id="cwt-content" class="clearfix content-area"><div id="page">
<div id="content">
<div class="links nextlinks">
<a class="nextlinks-prev" href="samba-dc.html" title="As a Domain Controller">Previous</a><a class="nextlinks-next" href="../backups/backups.html" title="Backups">Next</a>
</div>
<div class="hgroup"><h1 class="title">Active Directory Integration</h1></div>
<div class="region">
<div class="contents"></div>
<div class="links sectionlinks" role="navigation"><ul>
<li class="links"><a class="xref" href="samba-ad-integration.html#ad-integration-samba-share" title="Accessing a Samba Share">Accessing a Samba Share</a></li>
<li class="links"><a class="xref" href="samba-ad-integration.html#ad-integration-windows-share" title="Accessing a Windows Share">Accessing a Windows Share</a></li>
<li class="links"><a class="xref" href="samba-ad-integration.html#ad-integration-resources" title="Resources">Resources</a></li>
</ul></div>
<div class="sect2 sect" id="ad-integration-samba-share"><div class="inner">
<div class="hgroup"><h2 class="title">Accessing a Samba Share</h2></div>
<div class="region"><div class="contents">
<p class="para">
      Another, use for Samba is to integrate into an existing Windows network.  Once part of an Active Directory domain,
      Samba can provide file and print services to AD users.
      </p>
<p class="para">
      The simplest way to join an AD domain is to use <span class="app application">Likewise-open</span>.  For detailed instructions
      see the <a href="http://www.beyondtrust.com/Technical-Support/Downloads/files/pbiso/Manuals/ubuntu-active-directory.html" class="ulink" title="http://www.beyondtrust.com/Technical-Support/Downloads/files/pbiso/Manuals/ubuntu-active-directory.html"> 
      Likewise Open documentation</a>.
      </p>
<p class="para">
      Once part of the Active Directory domain, enter the following command in the terminal prompt:
      </p>
<div class="screen"><pre class="contents "><span class="cmd command">sudo apt install samba cifs-utils smbclient</span>
</pre></div>
<p class="para">
      Next, edit <span class="file filename">/etc/samba/smb.conf</span> changing:
      </p>
<div class="code"><pre class="contents ">   workgroup = EXAMPLE
   ...
   security = ads
   realm = EXAMPLE.COM
   ...
   idmap backend = lwopen
   idmap uid = 50-9999999999
   idmap gid = 50-9999999999
</pre></div>
<p class="para">
      Restart <span class="app application">samba</span> for the new settings to take effect:
      </p>
<div class="screen"><pre class="contents "><span class="cmd command">sudo systemctl restart smbd.service nmbd.service</span>
</pre></div>
<p class="para">
      You should now be able to access any <span class="app application">Samba</span> shares from a Windows client.  However, be sure to give
      the appropriate AD users or groups access to the share directory.  See <a class="xref" href="samba-fileprint-security.html" title="Securing File and Print Server">Securing File and Print Server</a> for 
      more details.
      </p>
</div></div>
</div></div>
<div class="sect2 sect" id="ad-integration-windows-share"><div class="inner">
<div class="hgroup"><h2 class="title">Accessing a Windows Share</h2></div>
<div class="region"><div class="contents">
<p class="para">
      Now that the Samba server is part of the Active Directory domain you can access any Windows server shares:
      </p>
<div class="list itemizedlist"><ul class="list itemizedlist">
<li class="list itemizedlist">

          <p class="para">
          To mount a Windows file share enter the following in a terminal prompt:
          </p>
<div class="screen"><pre class="contents "><span class="cmd command">mount.cifs //fs01.example.com/share mount_point</span>
</pre></div>

          <p class="para">
          It is also possible to access shares on computers not part of an AD domain, but a username and password 
          will need to be provided.
          </p>

        </li>
<li class="list itemizedlist">

          <p class="para">
          To mount the share during boot place an entry in <span class="file filename">/etc/fstab</span>, for example:
          </p>

<div class="code"><pre class="contents ">//192.168.0.5/share /mnt/windows cifs auto,username=steve,password=secret,rw 0        0
</pre></div>

        </li>
<li class="list itemizedlist">

          <p class="para">
          Another way to copy files from a Windows server is to use the <span class="app application">smbclient</span> utility.  To 
          list the files in a Windows share:
          </p>

<div class="screen"><pre class="contents "><span class="cmd command">smbclient //fs01.example.com/share -k -c "ls"</span>
</pre></div>

        </li>
<li class="list itemizedlist">

          <p class="para">
          To copy a file from the share, enter:
          </p>

<div class="screen"><pre class="contents "><span class="cmd command">smbclient //fs01.example.com/share -k -c "get file.txt"</span>
</pre></div>

          <p class="para">
          This will copy the <span class="file filename">file.txt</span> into the current directory.
          </p>

        </li>
<li class="list itemizedlist">

          <p class="para">
          And to copy a file to the share:
          </p>

<div class="screen"><pre class="contents "><span class="cmd command">smbclient //fs01.example.com/share -k -c "put /etc/hosts hosts"</span>
</pre></div>

          <p class="para">
          This will copy the <span class="file filename">/etc/hosts</span> to <span class="file filename">//fs01.example.com/share/hosts</span>.
          </p>

        </li>
<li class="list itemizedlist">

          <p class="para">
          The <span class="em emphasis">-c</span> option used above allows you to execute the <span class="app application">smbclient</span> command
          all at once.  This is useful for scripting and minor file operations.  To enter the <span class="em emphasis">smb: \&gt;</span>
          prompt, a FTP like prompt where you can execute normal file and directory commands, simply execute:
          </p>

<div class="screen"><pre class="contents "><span class="cmd command">smbclient //fs01.example.com/share -k</span>
</pre></div>

        </li>
</ul></div>
<div class="note" title="Note"><div class="inner"><div class="region"><div class="contents">
        <p class="para">
        Replace all instances of <span class="em emphasis">fs01.example.com/share</span>, <span class="em emphasis">//192.168.0.5/share</span>, 
        <span class="em emphasis">username=steve,password=secret</span>, and <span class="em emphasis">file.txt</span> with your server's IP, hostname, 
        share name, file name, and an actual username and password with rights to the share.
        </p>
      </div></div></div></div>
</div></div>
</div></div>
<div class="sect2 sect" id="ad-integration-resources"><div class="inner">
<div class="hgroup"><h2 class="title">Resources</h2></div>
<div class="region"><div class="contents">
<p class="para">
      For more <span class="app application">smbclient</span> options see the man page: <span class="cmd command">man smbclient</span>, also available
      <a href="http://manpages.ubuntu.com/manpages/bionic/en/man1/smbclient.1.html" class="ulink" title="http://manpages.ubuntu.com/manpages/bionic/en/man1/smbclient.1.html">online</a>.
      </p>
<p class="para">
      The <span class="app application">mount.cifs</span> 
      <a href="http://manpages.ubuntu.com/manpages/bionic/en/man8/mount.cifs.8.html" class="ulink" title="http://manpages.ubuntu.com/manpages/bionic/en/man8/mount.cifs.8.html">man page</a> is also useful for 
      more detailed information.
      </p>
<p class="para">
      The <a href="https://help.ubuntu.com/community/Samba" class="ulink" title="https://help.ubuntu.com/community/Samba">Ubuntu Wiki Samba </a> page.
      </p>
</div></div>
</div></div>
</div>
<div class="links nextlinks">
<a class="nextlinks-prev" href="samba-dc.html" title="As a Domain Controller">Previous</a><a class="nextlinks-next" href="backups.html" title="Backups">Next</a>
</div>
<div class="clear"></div>
</div>
<div id="pagebottom"></div>
</div></div>
</div>
<div id="footer"><p>The material in this document is available under a free license, see <a href="https://help.ubuntu.com/legal.html">Legal</a> for details.<br>
          For information on contributing see the <a href="https://wiki.ubuntu.com/DocumentationTeam">Ubuntu Documentation Team wiki page</a>.
          To report errors in this serverguide documentation, <a href="https://bugs.launchpad.net/serverguide">file a bug report</a>.</p></div>
</div>
</body>
</html>
